Season's greetings. Time to break out the boxset of Glee and rewatch all Hugh Grant's movies again.

It's been a good year. Mostly. Paul learned how to program in Python (somewhat/mostly) and did his first public talk. He made a short Maltego video too. Andrew traveled the world and sauna-ed with strangers. Someone (you know who you are) hugged him and he was OK with it. Uhmmm...no - not at said sauna. I started drawing things and managed an entire day at Defcon before hiding in my hotel room. We appointed RI to sort out our admin. The office dog doesn't eat our checks anymore (BTW, this really happened, try to explain that to your bank). We all received T-shirts from Russia.

Maltego got a transform hub and we've added a ton of providers. We made a new TDS. We added a few transforms. We made a developer portal thing-thing. Compared with what's happening in the next year it's pretty boring. So what, you ask, is on the menu?

This blog post (one of the few by Andrew) is here to tell you about the new public TDS (technically an update for the community TDS so that it is in line with the private TDS source base). For those who aren't interested in reading all the words we have a great video to talk about this below:

Let's start off with an introduction to the TDS. It provides an easy-to-use, distributable means of writing and sharing transforms (and essentially the data so that users can turn that into intelligence). All the transforms in the transform hub are built on either the free public TDS or a private one.

When a "normal" transform (one on the public/private CTAS) runs, what happens in the back is that a message is sent to the server containing the entity details (like its value and other properties) as well as the transform that needs to run. For example it could be the domain …

Services like Google Analytics allow you to easily add functionality to your website simply by pasting a bit of JavaScript into your page's HTML. Often this JavaScript includes a tracking code that uniquely identifies the site owner's account with that service. Searching for this tracking code with a search engine that indexes JavaScript allows you to find other sites that belong to the same user. There are quite a few web services that require you to add a tracking code to your webpage in order to use them. For analysts this provides a great way to make connections between websites that may seem unrelated using other OSINT techniques.

This blog post presents our new transform hub item called NewsLink that we have just released on the Transform Hub. NewsLink aims to assist in identifying and monitoring patterns in information posted on the Internet from a wide range of sources including Twitter, blog posts and news articles.
Every day millions of news articles, blog posts, Tweets, pastes, etc. are posted online. With this continuous stream of information it is difficult to identify what information is important to us and should be focused on and what could just be ignored. One approach to pick out important information would be to look at when multiple sources all mention the same people, locations, company names (and a slew of other types of entities) in a certain time period. This is the basis for NewsLink.
The image of the graph below is a small piece of a graph that was monitoring news articles related to Defcon. The snippets on the right list the news articles that mention both Samy Kamkar and Defcon on …

We're pleased to announce the release of Maltego Chlorine community edition. The release should hopefully solve most of the Java compatibility issues. It comes bundled with Java 8u45 and is available for download at our website [HERE].

The Chlorine release brings (almost) all the goodness of the commercial release with a 0$ price tag. If you're interested in the changes made from Carbon->Chlorine we suggest you view our Chlorine release video [HERE].

One of the main differences between the commercial and the community edition is that it will feature only free items in its Transform Hub.

When Kali Linux 2 is released we'll also release a Maltego for Kali release. In the meantime Kali Linux users can simply install the .deb on their Kali Linux.

Additionally we've made a new 'Intro to Maltego' video that will replace the first video in our tutorial series. It was about time - the previous version was made in Oct 2011 and used version 3.0. We've als…

Hello there. Today I am going to talk a bit about our new LinkedIn transforms that we have been working on. LinkedIn is all about finding connections between people, so what better way to visualize this information than in Maltego? I set out to build some LinkedIn transforms that could help show connections between LinkedIn users, their shares and company profiles that may not be easy to identify on LinkedIn itself. All the transforms that I built here use the LinkedIn developer API so you can log into your own LinkedIn account from Maltego and start visualizing your LinkedIn network. LinkedIn's API provides awesome search functionality for finding people and companies by allowing you to refine your searches with additional search parameters, making it a lot easier to find profiles with common names. Our LinkedIn transforms allow you to enter these additional search parameters using transform settings (transform pop-ups). To search for a LinkedIn company profile from within Maltego yo…